Merge pull request #2 from bigbank-as/develop

fixed bug where watcher was not activated in logstash, added option to type password during script execution
bigbank-as · Sep 19, 2018 · 5b21b7f · 5b21b7f
2 parents 85081fe + 3181744
commit 5b21b7f
Show file tree

Hide file tree

Showing 5 changed files with 24 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -21,11 +21,12 @@ Python 3 + PIP
 ```bash
 git clone https://github.com/bigbank-as/watchback.git
 cd watchback
-pip3 install requirements.txt
+pip3 install -r requirements.txt
 ./watchback.py --help
 ```
 
 ## Usage
+*For --es_pass argument use - (hypen) if you want to password asked during script execution (prevents password storing in bash/used command history).*
 
 ```
 $ ./watchback.py --es-ca Corporate_Root_CA.crt \

diff --git a/lib/__pycache__/__init__.cpython-36.pyc b/lib/__pycache__/__init__.cpython-36.pyc
diff --git a/lib/__pycache__/watcherimporter.cpython-36.pyc b/lib/__pycache__/watcherimporter.cpython-36.pyc
diff --git a/lib/watcherimporter.py b/lib/watcherimporter.py
@@ -44,6 +44,12 @@ def update_elastic(self, watcher_id, watcher_definition):
         else:
             self.logger.info('Updated watcher %s, it is now version #%d', watcher_id, result.get('_version', 1))
 
+        try:
+            result = self.elastic.xpack.watcher.activate_watch(id=watcher_id)
+        except RequestError as e:
+            self.logger.exception('Unable to activate Elasticsearch watcher %s: %s', watcher_id, str(e))
+            return
+
     def watcher_needs_updating(self, watcher_id, watcher_definition):
 
         """

diff --git a/watchback.py b/watchback.py
@@ -3,6 +3,7 @@
 import os
 import sys
 import argparse
+import textwrap
 from elasticsearch import Elasticsearch
 from ssl import create_default_context
 from lib.watcherimporter import WatcherImporter
@@ -40,6 +41,8 @@ def _setup_cli_args():
     --watcher-dir=/home/bruce/vigilante/watchlist
 
 """)
+
+
     parser.add_argument('--watcher-dir', metavar='dirpath', default='watchers',
                         help='Directory containing watch definitions')
     parser.add_argument('--dry-run', default=False, action='store_true',
@@ -48,9 +51,14 @@ def _setup_cli_args():
                         help='A X509 trusted CA file to use for Elasticsearch HTTPS connections')
     parser.add_argument('--es-host', metavar='host', required=True, action='append',
                         help='Elasticsearch API hostname(s)')
-    parser.add_argument('--es-user', metavar='user', help='Username for Elasticsearch authentication', nargs='?',
+    parser.add_argument('--es-user', metavar='user', help='Username for Elasticsearch authentication.', nargs='?',
                         default=None)
-    parser.add_argument('--es-pass', metavar='pass', help='Password for Elasticsearch authentication', nargs='?',
+    parser.add_argument('--es-pass', metavar='pass',
+                        help='''
+                        Password for Elasticsearch authentication.
+                        Use - (hypen) for asking password during script execution.
+                        ''',
+                        nargs='?',
                         default=None)
     parser.add_argument('--es-insecure',
                         help='''
@@ -64,10 +72,16 @@ def _setup_cli_args():
     return parser.parse_args()
 
 
+
+
 def main():
     args = _setup_cli_args()
     logger = _logger_factory()
 
+    if args.es_pass == "-":
+        es_pass = input("Enter your Elasticsearch password or leave empty if you don't use password: ")
+        args.es_pass = es_pass
+
     if args.es_insecure:
         logger.critical('I\'m sorry Dave, I\'m afraid I can\'t do that. ' +
                         'I just prevented you from shooting your own foot with a ' +